Exceptionally reliable and easy to use, SME Server can be installed and configured in less than 20 minutes – yet it’s powered by a secure and open Linux platform that’s fully upgradeable and customizable. Simply install it on any standard PC and in minutes you’ll have a robust Linux-based LAMP server capable of fully replacing those expensive Windows server licenses and providing a full range of services – including e-mail, firewall, file and print-sharing, web hosting, remote access and more.

We firmly believe that Oracle Linux is the best Linux distribution on the market today. It’s reliable, it’s affordable, it’s 100% compatible with your existing applications, and it gives you access to some of the most cutting-edge innovations in Linux like Ksplice and dtrace.

Well, for one, you’re getting the exact same bits our paying enterprise customers are getting. So that means a few things. Importantly, it means virtually no delay between when Red Hat releases a kernel and when Oracle Linux does:

Also had to yum install gtk2.i686. Here’s the solution from the above link for Debian based systems:

Updated: Since it seems this answer is still getting viewed, and occasionally up-voted, note that the solution above works on CentOS, Fedora, or Red Hat derived operating systems; on a Debian or Ubuntu derived system, however, one would instead use

sudo apt-get install ia32-libs

For some reason, after all these years of using 64 bit OSs, and still having an active, running FC10 installation, this was the first time I had no choice but to run a 32-bit app on a 64 bit machine.
The above solution worked.

If you have downloaded, created, or rebuilt RPM packages locally (as explained in TipsAndTricks/YumAndRPM “Get set up for rebuilding packages while not being root”) you may want a place to put them so they are accessible from all the machines on your local net.

This didn’t work the first time I tried it and now it does. For some reason eth0 and eth1 get switched on the 64bit CentOS 5.7 build which causes routing problems. This can also be solved by fixing the static routes in /etc/rc.local. It bothered me to have these interfaces have different names depending on what OS is running. I think there’s also a way to force this in /etc/udev/ directory by adding a persistent-net rule file. It all works now.

BTW: I also changed /etc/sysconfig/hwconf but don’t think that had any effect.

I’m finding that more and more software developers are being quite inconsiderate and are making code that requires PHP 5.3. Since many server-based and long-term support distros are still on PHP 5.2, this can make things difficult quickly.

For our particular server, several spikes immediately raise suspicions: 15 February and 19 July, when new versions of OpenSSH were installed; 20 October, when the server cleanup took place. Additionally, we found spikes on 10 February and 3 April, when certain events took place. We were able to identify “dovecot” crashes on these dates, although we can’t be sure they were caused by the attackers (“dovecot” remote exploit?) or simply instabilities.

Of course, for server ‘A’, three big questions remain:

How did the attackers get access to this computer in the first place?

What exactly was its purpose and how was it (ab-)used?

Why did the attackers replace the stock OpenSSH 4.3 with version 5.8?

Interesting read. Apparently there might have been a zero day exploit in OpenSSH.

The only things you should need open to the internet are SSH (“the attackers may have used a zero-day in OpenSSH 4.3 to compromise the C&C servers initially”) and/or IPSec/L2TP. Anything else should redirect to a DMZ that does NOT route to the same subnet as SSH/IPSec/L2TP. The DMZ should not have port access to the regular network (everything should be pushed). The firewall should be set to not allow active connections out from the DMZ to anywhere, and any activity should not just be logged, but flagged and sent to the administrator. All devices in the DMZ should log to a remote (to them) syslog that is polled from outside the DMZ.

There… that’s the ideal world. In reality, this doesn’t account for people who don’t have that much hardware/expertise with VMs, for people who don’t keep up with their patches, for those who want to do an end-run around this policy to set up torrents, etc. directly from their working computer, etc.

It also doesn’t help that most gateway routers these days have some full-fledged OS inside and as a result often have exploits that can be leveraged directly against them due to inappropriate default configurations.
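The "flagged and sent to the administrator" part of the policy above can be sketched as a check over firewall logs. This is an added example, not code from the quoted comment: the subnets, the log prefix and the sample lines are constructed assumptions, and it presumes the firewall logs only packets that open a new connection.

```python
import ipaddress
import re

# Assumed addressing for illustration; not taken from the original page.
DMZ_NET = ipaddress.ip_network("192.168.50.0/24")
INSIDE_NET = ipaddress.ip_network("192.168.10.0/24")  # subnet hosting SSH/IPsec/L2TP
# Internet-facing services the comment permits: SSH, IPsec (IKE, NAT-T, ESP), L2TP.
ALLOWED_INBOUND = {("TCP", 22), ("UDP", 500), ("UDP", 4500), ("UDP", 1701), ("ESP", None)}
FIELD = re.compile(r"\b([A-Z]+)=(\S+)")

# Constructed sample in netfilter LOG format. Assumption: the logging rule matches
# only packets that open a new connection, so each line is one connection attempt.
SAMPLE_LOG = """\
Jan  1 03:14:07 gw kernel: FWD-NEW IN=eth1 OUT=eth0 SRC=192.168.50.12 DST=203.0.113.80 PROTO=TCP SPT=51544 DPT=443
Jan  1 03:14:09 gw kernel: FWD-NEW IN=eth0 OUT=eth2 SRC=198.51.100.7 DST=192.168.10.5 PROTO=TCP SPT=40022 DPT=22
Jan  1 03:15:30 gw kernel: FWD-NEW IN=eth0 OUT=eth2 SRC=198.51.100.7 DST=192.168.10.5 PROTO=TCP SPT=40100 DPT=3306
Jan  1 03:16:02 gw kernel: FWD-NEW IN=eth2 OUT=eth1 SRC=192.168.10.20 DST=192.168.50.12 PROTO=TCP SPT=50210 DPT=22
Jan  1 03:17:44 gw kernel: FWD-NEW IN=eth1 OUT=eth2 SRC=192.168.50.12 DST=192.168.10.5 PROTO=UDP SPT=5353 DPT=514
"""

def classify(line):
    """Return an alert reason for one log line, or None if the flow fits the policy."""
    rec = dict(FIELD.findall(line))
    if "SRC" not in rec or "DST" not in rec:
        return None  # not a packet log line
    src = ipaddress.ip_address(rec["SRC"])
    dst = ipaddress.ip_address(rec["DST"])
    service = (rec.get("PROTO"), int(rec["DPT"]) if "DPT" in rec else None)
    if src in DMZ_NET:
        return "dmz-initiated"  # DMZ hosts must never open connections themselves
    if dst in INSIDE_NET and src not in INSIDE_NET and service not in ALLOWED_INBOUND:
        return "unexpected-inbound"  # should have been redirected to the DMZ
    return None

def alerts(log_text):
    """Collect (reason, line) pairs that should be sent to the administrator."""
    found = []
    for line in log_text.splitlines():
        reason = classify(line)
        if reason:
            found.append((reason, line))
    return found

if __name__ == "__main__":
    for reason, line in alerts(SAMPLE_LOG):
        print(f"ALERT {reason}: {line}")
```

Inbound SSH and the inside-to-DMZ push pass silently; both DMZ-originated attempts and the inbound connection to port 3306 are reported.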
